{"id":"CVE-2024-53685","summary":"ceph: give up on paths longer than PATH_MAX","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nceph: give up on paths longer than PATH_MAX\n\nIf the full path to be built by ceph_mdsc_build_path() happens to be\nlonger than PATH_MAX, then this function will enter an endless (retry)\nloop, effectively blocking the whole task.  Most of the machine\nbecomes unusable, making this a very simple and effective DoS\nvulnerability.\n\nI cannot imagine why this retry was ever implemented, but it seems\nrather useless and harmful to me.  Let's remove it and fail with\nENAMETOOLONG instead.","modified":"2026-04-16T04:36:05.358255995Z","published":"2025-01-11T12:35:40.252Z","related":["SUSE-SU-2025:0289-1","SUSE-SU-2025:0428-1","SUSE-SU-2025:0499-1","SUSE-SU-2025:0557-1","SUSE-SU-2025:20165-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20248-1","SUSE-SU-2025:20249-1","USN-7379-2","USN-7380-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53685.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0f2b2d9e881c90402dbe28f9ba831775b7992e1f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/550f7ca98ee028a606aa75705a7e77b1bd11720f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c47ed91156daf328601d02b58d52d9804da54108"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d42ad3f161a5a487f81915c406f46943c7187a0a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e4b168c64da06954be5d520f6c16469b1cadc069"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53685.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53685"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9030aaf9bf0a1eee47a154c316c789e959638b0f"},{"fixed":"0f2b2d9e881c90402dbe28f9ba831775b7992e1f"},{"fixed":"d42ad3f161a5a487f81915c406f46943c7187a0a"},{"fixed":"e4b168c64da06954be5d520f6c16469b1cadc069"},{"fixed":"c47ed91156daf328601d02b58d52d9804da54108"},{"fixed":"99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa"},{"fixed":"550f7ca98ee028a606aa75705a7e77b1bd11720f"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-53685.json"}}],"schema_version":"1.7.5"}